Cyber Security Specialist at Absa Bank Limited

Job Purpose

To drive IT Risk compliance which ultimately ensures that all the Bank’s management data, processes, risks, and controls are effectively operating. Ensure that all cybersecurity activities and duties are carried out in full compliance with regulatory requirements, Enterprise-wide Risk Management Framework and internal Absa Policies and Standards. Understand and manage cyber security risks and risk events.

Accountability:  60%

• Assessing the risks and exposures related to cybersecurity and aligning to the Bank’s risk appetite.
• Monitoring current and emerging risks and changes to laws and regulations for appropriate actions.
• Collaborating with stakeholders charged with safeguarding the information assets at Absa to ensure appropriate control design and configurations.
• Maintain comprehensive cyber risk registers: Key cybersecurity risks should be regularly identified and assessed. Risk identification should be forward looking and include the security incident handling.
• Ensure implementation of the cyber and information risk management strategy including cyber risk policies and standards.
• Safeguarding the confidentiality, integrity and availability of information asset and Technology platforms.
• Establishing & maintaining a comprehensive inventory of IT assets and classified by business criticality.
• Run the vulnerability management program to ensure vulnerabilities are identified, prioritized and remediated on time.
• Engage with stakeholders across the Absa Group to motivate and drive remediation of vulnerabilities and identified issues.

Accountability:  20%

• Implement parameters to measure Cyber risks exposure.
• Monitoring adherence to cyber risks policy & standards to drive remediation measures.
• Reporting all cyber risks consistently and comprehensively to the senior leadership & relevant stakeholders to facilitate appropriate decisions.

Accountability:  10%

• Create Cybersecurity awareness across the bank from strategic, technical, and general sensitization.
• Create Cybersecurity awareness circulars for customers.

Accountability:  10%

• Research on emerging cybercrime trends and gathering threats intelligence for onward sharing.
• Coordinate red team exercises.
• Coordinate penetration testing activities for new and existing applications and infrastructure.

Education and experience required

• B-degree in (Computer Science) (NQF level no.)
• (5) years Technical experience

Knowledge and skills: (Maximum of 6)

• Proficiency with Linux and Windows operating systems
• Network monitoring
• Vulnerability Assessment and Penetration Testing
• Risk Assessment
• Incident Response
• Data Analysis and Reporting

Competencies: (Maximum of 8 competencies)

• Deciding and initiating action
• Learning and researching
• Entrepreneurial and commercial thinking
• Relating and networking
• Adapting and responding to change
• Persuading and influencing
• Creating and innovating